ECB: Report on the Thematic Review on effective risk data aggregation and risk reporting

07 May 2018

This report provides information about the methodology adopted by the Thematic Review and the findings observed, in order to raise awareness of the importance of strengthening governance arrangements around data aggregation and reporting capabilities.

Particularly as regards:

• increasing the involvement of relevant bodies/functions at different levels,
• the appropriate involvement of the various lines of defence and
• the formalisation of processes, roles and responsibilities.

If IT strategies relating to data and system architecture are comprehensive and sufficiently embedded in strategic decision-making processes, this will support the enhancement of such governance arrangements.

Integrated operational processes for risk, adequate reporting, and the mitigation of risks stemming from pervasive manual processes (which in many cases are neither traced nor independently reviewed and approved) also represent good practices in this regard.

The general conclusions set out in this report are, of course, without prejudice to the ECB’s assessment of the risk governance of individual credit institutions, which is conducted in the context of its ongoing supervisory work and takes account of the specificities of each entity in terms of the application of the relevant legal framework.

Full report

© ECB - European Central Bank